Hacker News new | past | comments | ask | show | jobs | submit login

I've built an iMessage chat.db reader as well. To me the most astounding thing is that chat.db is unencrypted sqlite. Anyone who can see your home folder can read all your private chats or upload the chat.db to be read somewhere else.

It's impressively insecure.




macOS now has System Integrity Protection which requires manual Full Disk Access perms to read chat.db so any random app cannot touch it.


Which you end up applying to random things like ruby because Emacs.app uses a ruby-based launcher and anything less than Full Disk Access breaks dired.


So as a developer you need full disk access to run your programs? Oh my god, the surprise ;-)


Reading this after GP called it reverse engineering makes me feel he should've use different terminology.


Why would a lack of encryption make it not reverse engineering? There's a database schema, it was engineered* and used to build a database. They went from the live data back to the schema.

*For some definitions of "engineered", apparently.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: